<?php

	// get request time
	$time = time();

	// check number of parameters and parameter names
	if (sizeof($_GET) != 6 || !array_key_exists('id', $_GET) || !array_key_exists('key', $_GET) || !array_key_exists('hun', $_GET) || !array_key_exists('lat', $_GET) || !array_key_exists('lon', $_GET) || !array_key_exists('acc', $_GET))
	{
		echo "Usage: please supply the following parameters in your request: 'id', 'key', 'hun' (hashed username), 'lat' (latitude), 'lon' (longitude), and 'acc' (accuracy).";
		exit();
	}

	// if passed then check whether strlen id == 40
	if (strlen(trim($_GET['id'])) != 40)
	{
		echo "Usage: your id must be exactly 40 charaters.";
		exit();
	}

	// if passed then check whether strlen key == 40
	if (strlen(trim($_GET['key'])) != 40)
	{
		echo "Usage: your key must be exactly 40 charaters.";
		exit();
	}

	// if passed then check whether strlen hun == 40
	if (strlen(trim($_GET['hun'])) != 40)
	{
		echo "Usage: your hashed username must be exactly 40 charaters.";
		exit();
	}

	// if passed then check whether lat, lon, and acc is empty or not numeric
	if (strlen(trim($_GET['lat'])) == 0 || strlen(trim($_GET['lon'])) == 0 || strlen(trim($_GET['acc'])) == 0 || !is_numeric($_GET['lat']) || !is_numeric($_GET['lon']) || !is_numeric($_GET['acc']))
	{
		echo " Usage: Latitude, longitude, and accuracy must all be numeric and not empty.";
		exit;
	}
	
	// if passed then connect to db and initialize variables
	$mysqli = new mysqli('localhost', 'root', 'project3', 'implauth');
	if ($mysqli->connect_errno)
	{
		echo "Database connection error!";
		exit();
	}
	$id = $_GET['id'];
	$key = $_GET['key'];
	$hun = $_GET['hun'];
	$lat = $_GET['lat'];
	$lon = $_GET['lon'];
	$acc = $_GET['acc'];

	// if passed then validate id and key
	$res = $mysqli->query("select count(*) as total from servers where id like '$id' and secretkey like '$key'");
	$ob = $res->fetch_object();
	$res->close();
	if ($ob->total != 1)
	{
		echo "Error: Invalid id and/or key!";
		$mysqli->close();
		exit();
	}

	// if passed then validate username
	$res = $mysqli->query("select count(*) as total from accounts where serverid like '$id' and hun like '$hun'");
	$ob = $res->fetch_object();
	$res->close();
	if ($ob->total != 1)
	{
		echo "Error: Invalid username! Possibly it has not been activated.";
		$mysqli->close();
		exit();
	}

	// if passed then get hdeviceid 
	$res = $mysqli->query("select hdeviceid from accounts where serverid like '$id'");
	$ob = $res->fetch_object();
	$res->close();
	$hdeviceid = $ob->hdeviceid;

	// if passed then check if location update has been disabled for the device id
	$res = $mysqli->query("select * from locations where hdeviceid like '$hdeviceid'");
	if ($res->num_rows == 0)
	{
		echo 1; // location not available for device id
		$mysqli->close();
		$res->close();
		exit();
	}
	$ob = $res->fetch_object();
	$res->close();
	if ($ob->stopped == 'y')
	{
		echo 4;
		$mysqli->close();
		$res->close();
		exit;
	}

	// if passed then get last updated location
	$dvlat = $ob->latitude;
	$dvlon = $ob->longitude;
	$dvacc = $ob->accuracy;
	$dvtime = $ob->time;
//	if ($time - $dvtime > 605) 
//	{
//		echo 2; // last updated more than 10 mins ago
//		$mysqli->close();
//		exit();
//	}
	
	// if passed then compare sets of lats and lons and echo 0 if passed impl auth
	$maxDist = 150; // this will change later to support policy based architecture
	$dist = calDist(floatval($lat), floatval($lon), floatval($dvlat), floatval($dvlon), floatval($acc), floatval($dvacc));
	$ar = array('lat' => $lat, 'lon' => $lon, 'acc' => $acc, 'dvlat' => $dvlat, 'dvlon' => $dvlon, 'dvacc' => $dvacc, 'maxDist' => $maxDist, 'dist' => $dist);
	if (floatval($dist) > $maxDist)
	{
		$ar['result'] = '3';
		echo json_encode($ar);
		$mysqli->close();
		exit();
	}
	$ar['result'] = '0';
	echo json_encode($ar);
	$mysqli->close();




	///////////////////////////////////////////////
	function calDist($lat1, $lon1, $lat2, $lon2, $acc1, $acc2)  // Riversine function
	{
		$r = 6371; // earth's mean radius in km
		$dlat = deg2rad($lat2 - $lat1);
		$dlon = deg2rad($lon2 - $lon1);
		$radlat1 = deg2rad($lat1);
		$radlat2 = deg2rad($lat2);
		$a = sin($dlat/2) * sin($dlat/2)	 +		sin($dlon/2) * sin($dlon/2) * cos($lat1) * cos($lat2);
		$c = 2 * atan2(sqrt($a), sqrt(1 - $a));
		$d = $r * $c;
		return $d * 1000 + $acc1 + $acc2;
	}









?>
